From aaa7d9652eb58dd47327a99e70451b08f682356f Mon Sep 17 00:00:00 2001
From: Pawel Wieczorek <p.wieczorek2@samsung.com>
Date: Wed, 30 Dec 2020 15:21:11 +0100
Subject: Allow using multiple remote IP prefixes for security groups

This patch is required for allowing machine-to-machine traffic within
ONAP cluster with no Vagrant operator involvement.

Issue-ID: INT-1601
Change-Id: I0159b3176ecb3e5783f4f87b9b507824fc411b2b
Signed-off-by: Pawel Wieczorek <p.wieczorek2@samsung.com>
---
 .../create_devstack_securitygroup/tasks/create_securitygroup.yml    | 6 ++++--
 .../roles/openstack/create_devstack_securitygroup/tasks/main.yml    | 4 +++-
 2 files changed, 7 insertions(+), 3 deletions(-)

(limited to 'deployment/noheat/infra-openstack/ansible/roles')

diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
index d6b78d1f4..bd8abf564 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/create_securitygroup.yml
@@ -8,7 +8,8 @@
   os_security_group_rule:
     security_group: "{{ secgrp.name }}"
     protocol: icmp
-    remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+    remote_ip_prefix: "{{ item }}"
+  loop: "{{ secgrp.remote_ip_prefix }}"
 
 - name: "Create {{ secgrp.name }} security group rule for SSH"
   os_security_group_rule:
@@ -16,4 +17,5 @@
     protocol: tcp
     port_range_min: 22
     port_range_max: 22
-    remote_ip_prefix: "{{ secgrp.remote_ip_prefix }}"
+    remote_ip_prefix: "{{ item }}"
+  loop: "{{ secgrp.remote_ip_prefix }}"
diff --git a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
index 3ce0e182b..d04b72c34 100644
--- a/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
+++ b/deployment/noheat/infra-openstack/ansible/roles/openstack/create_devstack_securitygroup/tasks/main.yml
@@ -1,4 +1,6 @@
 ---
-- include: create_securitygroup.yml secgrp={{ item }}
+- include: create_securitygroup.yml
   loop:
     - "{{ securitygroup }}"
+  loop_control:
+    loop_var: secgrp
-- 
cgit 1.2.3-korg